Islamist hackers' campaign against western banks claims new victims as BB&T, HSBC, and Ally Financial are hit by DDoS attacks.
The Citadel banking-fraud Trojan streamlines itself into an easier-to-use package. Cisco warns that IPv6 poses serious security risks even to those who don't plan to implement the networking protocol. Several new attacks are reported: the US National Weather Service is hacked, WordPress vulnerabilities continue to be exploited, and more phishing campaigns featuring spoofed brands appear.
Saudi Aramco continues to believe an insider was behind the massive attack it sustained late this summer. HP asks researchers to delay demonstrating risks in Huawei gear. (Huawei and ZTE continue to be the focus of security concerns. The US White House denies reports that it "cleared" the companies of involvement in espionage.) A report claims Canada's energy sector is under sustained Chinese cyber attack.
Gartner predicts a major upsurge in cyber attacks on supply chains. Security stocks, down unexpectedly this week, are now seen as buying opportunities. Google announces a negative earnings surprise, and Yahoo exits the Korean market. The UK's government looks for cyber experts of the "X-Box generation," with hacking skills but without university degrees. Dennis Technology rates Kaspersky and Symantec best antivirus vendors.
India prepares to upgrade cyber capabilities to a major military command. Australian banks don't like pending breach-disclosure laws. US state governments are found wanting in cyber preparation: New York, Nevada, and Pennsylvania work on a fix. The Mounties arrest one of their own in a Quebec hacking case.
Today's issue includes events affecting Australia, Brazil, Canada, China, France, India, Iran, Israel, Republic of Korea, Pakistan, Russia, Saudi Arabia, Switzerland, United Kingdom, United States.
Cyber Attacks, Threats, and Vulnerabilities
BB&T's website affected by cyber attack(Bizjournals.com) A "denial of service" attack possibly linked to an Iranian hacker group affected BB&T's website, similar to those that have hit other major U.S. banks. But BB&T Corporation (NYSE: BBT) said the infiltration did not target any individual accounts
HSBC Hit By World-Wide Cyber Attack(CFO.com Magazine) HSBC websites worldwide were shut down for several hours today as they faced a "denial of service" cyberattack. The group website, hsbc.com, as well as several national and online banking sites including those in the United Kingdom, the United States
Ally Financial latest US bank to face cyber attack(Reuters) Ally Financial Inc said on Thursday it was monitoring "unusual activity" on its web site, the latest U.S. bank to report internet issues following recent cyber attacks that have been linked to Iran. Bank of America Corp (BAC.N), Wells Fargo
PNC 'pummeled' during cyberattack last month, CEO says(Equities.com) PNC Financial Services Group Inc. was "pummeled" in a cyber attack last month that limited access to its websites for two days, the Downtown-based bank's CEO said on Thursday. "We had 38 straight hours of attacks on our systems, and we had the
PNC official: Iran conducted cyberattack on bank(Washington Times) A senior U.S. banking executive said Thursday that Iran was behind an ongoing series of massive cyberattacks that have targeted nine major U.S. banks in recent weeks by slowing or interrupting access to their websites. "Now they're talking about they sourced it from Iran," James Rohr, chief executive of PNC Financial Services Group, told CNBC. It was not clear to whom exactly he was referring.
Citadel Trojan Updates with Dynamic Config Mechanism that Streamlines Fraud Activity(Threatpost) The elusive authors of the Citadel Trojan have released a new version of their banking botnet malware and service. The latest version, the sixth since it debuted in January and dubbed Rain, includes a dynamic configuration mechanism that allows botmasters to inject malicious content to compromised browsers on the fly. This real-time interaction with bots avoids the need to send an updated configuration file to the entire botnet and lessens the risk of detection
7 IPv6 Security Risks(eSecurity Planet) Not many people consider security risks associated with IPv6, the newest version of the Internet Protocol. But maybe they should. The rise of IPv6 could give you some severe security headaches -- even if you have no current plans to implement the new networking protocol. That was the stark warning issued by Eric Vyncke, a security
Requesting Sensitive Data Via Google Docs: Phishing Really is That Easy(Threatpost) Please leave your credit card number, its expiration date and security code, along with your full name and billing address in the comments section of this blog post. You're obviously not going to do this. You know better, I know better, but there are those who don't. So many, in fact, that scammers are not only comfortable with and willing to invest in scams no more or less complicated, but they are also confident that the scams will succeed
Phishing attacks increasingly target brands(Help Net Security) The number of brands targeted by phishing attacks sustained an all-time high of 428 in April of this year, the second record-breaking quarter for cybercrime brand abuse reported by the APWG this year
Saudi Insider Likely Key to Aramco Cyber-Attack(Inter Press Service) Last weekend's disclosure that Iranian cyber warriors had disabled some 30,000 computers owned by the Saudi oil giant Aramco is attracting considerable attention here, particularly in light of a warning last week by
Canadian energy sector rife with Chinese cyberespionage: reports(ipolitics) Canadian energy firms have been victims in a global wave of cyber attacks originating in China in recent years. Just last month, security experts revealed Telvent Inc., a Calgary-based IT provider specializing in electrical grids, and another unnamed Canadian energy firm were hacked by malware designed to steal information. Meanwhile, reports by the world's leading cybersecurity groups claim that attacks against energy infrastructure are increasing, a worrying trend for an industry that depends on massive online networks to coordinate everything from fossil fuel drilling to power distribution
Security Patches, Mitigations, and Software Updates
Apple Patches Java Flaws(Threatpost) Apple has released a patch that fixes a laundry list of vulnerabilities in Java after Oracle pushed out a fix for the technology for users of Windows and other platforms. The patch from Apple also completely disables the Java plugin in users' browsers in order to prevent users from falling victim to new attacks on the oft-vulnerable application
Adobe Updates Sandbox in Reader, Acrobat XI(PC Magazine) Adobe added a number of new security features into Reader and Acrobat XI, such as support for elliptic curve cryptography and PDF whitelisting, as well as beefing up the sandbox. Protected Mode in Reader XI now has data theft prevention capabilities
Enterprise IT supply chains will be compromised(Net-Security) Enterprise IT supply chains will be targeted and compromised, forcing changes in the structure of the IT marketplace and how IT will be managed moving forward, according to Gartner. By 2017, IT supply chain integrity will be identified as a top three security-related concern by Global 2000 IT leaders. Supply chain integrity is the process of managing an organization's internal capabilities, as well as its partners and suppliers, to ensure all elements of an integrated solution are of high assurance
Cybersecurity business, jobs expected to grow through 2016(Baltimore Sun) And spending by intelligence agencies, which is often obscured and difficult to forecast precisely, is expected to climb from $2.3 billion last year, to $3.6 billion in 2016, he said. Part of what's fueling the increases: Government officials are
The New Cyber Wars: Out of the Flame and Into the Fire(Huffington Post) Unfortunately, we're no longer talking solely about lone cyber-terrorists, hacktivist groups, or even rogue states such as Iran. Chinese hackers were likely behind the large-scale cyber-strike on Google in 2010, as well as similar attacks on Northrop
Cloud Computing? Studies Say It's a Gifted, High-Energy Kid(Midsize Insider) Or so says a recent survey by the Cloud Security Alliance (CSA) and IT certification group ISACA, as reported by Forbes. The 252 cloud users surveyed said that "platform and infrastructure service offerings are still in the infancy stage of maturity
Yahoo To Pull Out Of Korean Search By The End Of The Year, Its First Asian Market Exit(TechCrunch) Yahoo has announced plans to close its Korean business by the end of the year. In a statement the company described the move as part of ongoing efforts to streamline operations and realign its global business. The company hired a new CEO — former Googler Marissa Mayer — in July, replacing interim CEO Ross Levinsohn. Reuters notes that South Korea is the first Asian market Yahoo is leaving
Britain seeking 'Xbox generation' spies(ABC Online) Britain has launched a new spy recruitment drive aimed at "Xbox generation" youngsters without a university education but with social media and computer game skills to counter the threat of cyber attack. British foreign secretary William Hague launched
Inside Intel, part 2: The future IT security workforce(CSO) What will the information security department of the future look like? The future workforce will look somewhat different than the current workforce, according to Alan Ross, senior principal engineer at Intel. IT security functions will likely change because computing itself is changing so much--and Intel is at work preparing for the new security landscape
IRS challenged by logical access with HSPD-12 cards(Fierce Government IT) Efforts at the Internal Revenue Service to use the mandatory governmentwide identity cards required by Homeland Security Presidential Directive-12 for logical access threaten to run into more delays, says the Treasury Inspector General for Tax Administration
Army [knowledge management] systems disparate, say officials(Fierce Government IT) Knowledge management efforts have been embedded within the Army for years, but there is very little uniformity or interaction across the service, said Army officials Oct. 17 while speaking on a panel at KMWorld in Washington, D.C. "Inconsistency is the consistency," said Jim Bradley, deputy chief knowledge officer at Army training and doctrine command
SAIC Wins $152M to Help Run Army AMCOM Enterprise IT(Govconwire) Science Applications International Corp. (NYSE: SAI) has won a $152 million task order from the U.S. Army to provide information technology support services to the Aviation and Missile Life Cycle Management Command. According to a company release, this order runs for 37 months and was awarded through the Information Technology Enterprise Solutions-2 contract vehicle
Booz Allen Reports $295M in Wins on $873M NGA Tech Services IDIQ(InformationWeek) Booz Allen Hamilton (NYSE: BAH) has won $295 million in prime awards from the National Geospatial-Intelligence Agency since May under a potential $873 million contract for enterprise support and technical services. The company said Thursday NGA awarded the Enterprise Support to Management and Resources for Technical Services contract in May, through which it will acquire
Huawei, ZTE: 4 Security Fears(InformationWeek) Trojan equipment? Spy tool? Sloppy code? The information security debate rages on over these Chinese telecom equipment makers
Mozilla Opens Its Firefox For Android Marketplace To Developers And Early Adopters(TechCrunch) Mozilla just launched the latest Aurora version of Firefox for Android and with this, the organization is also opening the Firefox Marketplace to early adopters and testers. The Firefox Marketplace is similar to Google's Web Store for Chrome. Users can browse the store to find mobile web apps and developers can showcase their web apps. These apps run in full-screen mode and can also be pinned
FCC unveils updated online cyber tool for small businesses(The Hill) Nearly 10,000 businesses have used the tool since Genachowski first introduced it last year, according to the FCC. The agency partnered with Symantec, eBay, Visa, the Department of Homeland Security and others on updating the online cybersecurity tool.
ModSecurity 2.7.0 released(Help Net Security) ModSecurity makes full HTTP transaction logging possible, allowing complete requests and responses to be logged. Its logging facilities also allow fine-grained decisions to be made about exactly what
Windows 8 Administration Pocket Consultant(Help Net Security) Portable and precise, this pocket-sized guide delivers ready answers for administering computers running Windows 8. Zero in on core operations and daily tasks using quick-reference tables, instruction
Dell unveils new enterprise vision(Help Net Security) Dell announced plans to help businesses globally adopt modern, standards-based data center technologies that enable them to realize repeatable results and superior value at every scale
IBM releases ten integrated security solutions(Help Net Security) IBM announced a broad set of security software to help holistically secure data and identities. IBM's new software capabilities help clients better maintain security control over mobile devices
SAIC, McAfee Team on Updated Cyber Firewall Platform(The New New Internet) A Science Applications International Corp. subsidiary and McAfee have combined two of their cyber platforms to create an updated network firewall, SAIC announced Wednesday. SAIC said CloudShield will run McAfee's Firewall Enterprise, used by government and defense agencies worldwide, on the CloudShield CS-4000 cyber platform
Windows 8 PC Makers Face Touch Trouble(InformationWeek) Touch has a big role in Microsoft's marketing blitz for Windows 8. But many Ultrabooks set to go on sale this fall aren't touch-enabled
Antivirus evaluation puts Kaspersky and Symantec on top(CSO) Dennis Technology Labs released the results of its latest round of antivirus tests seeking to determine the effectiveness of several commercial anti-malware products, with Kaspersky and Symantec coming out on top. Dennis Technology Labs ran three basic sets of A/V tests -- one each for enterprise, small business and consumer home office -- looking at the relative strength of several different types of products to protect against threats and block malicious sites. Here's a quick rundown of the results for each of the three tests
Cyber Security Awareness Month - Day 18 - Vendor Standards: The vSphere Hardening Guide(Internet Storm Center) Many vendors have security hardening guides - step-by-step guides to increasing the security posture of one product or another. We alluded to the Cisco guides earlier this month (Day 11), Microsoft also makes a decent set of hardening guides for Windows server and workstation products, as do most Linux distros - you'll find that most vendors have documents of this type
Reverse-Engineering Twitter To Solve An Advertising Mystery(Fast Company) Recently I opened the Twitter app on my Mac and noticed something very strange: It was omitting promoted tweets from my timeline. In the side-by-side comparisons below, notice the "howaboutwe.com" promoted tweet from Twitter.com on the right is missing
Tips for protecting your privacy(Help Net Security) Every month more than 5,000 people take to Twitter to complain about how their mobile device has been snooped on or their visual privacy invaded. Who can't resist eavesdropping on a conversation
Preparing Pakistan for a cyber war(Dawn) If there is anybody who can be considered a real-life Frankenstein, it is probably Berners-Lee, the inventor of the World Wide Web. Much like the monster created by the protagonist in the Mary Shelley classic, the internet has become an uncontrollable creature with its ever-expanding claws that keep on seducing everyone into its control
On Cybersecurity, India Begins to Embrace the Private Sector(Council on Foreign Relations) This turned out to be a glass film that has been certified to prevent eavesdropping even by the U.S. National Security Agency and apparently adorns the windows of the White House. One can safely expect many more companies and fly-by-night operators to
Armed forces to pitch for three new commands before PM(New York Daily News) India's armed forces will Friday make a joint pitch before Prime Minister Manmohan Singh and members of the cabinet committee on security (CCS) on setting up three new commands to meet the threats to space assets and cyber infrastructure and for controlling commando operations
Oz banks baulk at data breach notification laws(Finextra) The Australian Bankers' Association has hit out at government proposals floating the introduction of mandatory data breach notification laws, claiming that they would cause "unnecessary alarm". Attorney-General Nicola Roxon has published a discussion paper on how to bolster privacy protections for Australians' personal information in digital databases. Roxon is seeking public input on the issue, asking whether mandatory data breach notification laws should be introduced; what sort of breaches and organisations they should cover; and what should be reported and how quickly
Intelligence Summit held in Albany(EmpireStateNews.net) The Summit was held in conjunction with the New York State Intelligence Center, in partnership with the NYS Division of Homeland Security and Emergency Services. The Summit welcomed the US Department of Homeland Security Principal Deputy
Attack highlights security needs(Tribune-Review) His center works with local leaders on emergency response plans to cope with cyber-attacks and critical communications outages. The Department of Homeland Security, billed as a lead organization in national cybersecurity, simply "does not have the
French Law Endangers Google's 'Very Existence', Threatens Country-Wide News Boycott(TechCrunch) What happens if Google boycotts an entire country's news content? We might get to witness such a trade war if Google excludes French news from its search results because of a proposed law that requires search engines to pay for displaying snippets of content. Google believes the law "would threaten its very existence." France complains that Google is raking in advertising revenue
The White House Denies Ordering a Secret Report Clearing Huawei of Espionage(The Atlantic Wire) Cue the conspiracy theories: an 18-month, Reuters says it got its hands on "a White House-ordered review of security risks posed by suppliers to U.S. telecommunications companies" that cleared Chinese telecom giant Huawei of allegations of actively spying on the U.S. government. But we're not quite sure what to make of the report, since the White House has denied ordering the report in the first place. "The White House has not conducted any classified inquiry that resulted in clearing any telecom equipment supplier," White House National Security Council spokeswoman Caitlin Hayden told Reuters
Suspected Android SMS malware author arrested in France(Sophos) French police have arrested a 20-year-old man in Northern France, in connection with an attack that infected thousands of Android smartphones with money-making malware. According to the authorities, the man worked out of his parents' basement in the city of Amiens, creating fake apps that pretended to be legitimate applications. The man's apps are said to have sent SMS text messages without the user's approval, allowing him to earn mobile payments
Megaupload Is Dead. Long Live Mega!(Wired Threat Level) Megaupload's takedown by the U.S. government spurs Kim DotCom to build a filesharing replacement that relies on encryption so owners can't be blamed for knowing that copyright infringing files are on company servers. That, DotCom thinks, will probably keep the
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
Anatomy of an Attack(New York, New York, November 15, 2012) Join Sophos security experts in exploring how threats like malware, Trojans, worms and spyware actually work and what you can do to protect your company, even if you're on a tight budget.
ZeroNights(Moscow, Russia, November 19 - 20, 2012) ZeroNights is an international conference dedicated to the technical side of information security. The mission of the conference is to disseminate information about new attack methods, threats and defense...
Passwords^12(, January 1, 1970) Passwords^12 is a 3-day conference only about passwords & PIN codes. With an "all-star" cast of speakers, including Joan Daemen (AES/SHA3), Jens Steube (alias "atom", hashcat author), Colin Percival (CSO...
BayThreat(Sunnyvale, California, December 7 - 8, 2012) The theme for BayThreat is a new spin on the dichotomy of attacking and defending in information security. We're calling out all of the attackers and defenders that are on the front lines of the battle.
25th Annual FIRST Conference(Bangkok, Thailand, June 16 - 21, 2013) The annual FIRST conference provides a setting for conference participants to attend a wide range of presentations delivered by leading experts in both the CSIRT field and from the global security community.